As of May 25, 2018, in accordance with the GDPR policy enacted by the EU, the ACMOC website now requires all users who register to use our site to update their privacy policy agreement. Even though you may have already been a long-time user, registrant and/or member, we require that you reaffirm your agreement to use our sites. We are sending an email to all registered users to that effect. There will also be some pop ups build into the site that require confirmation of these agreements. In effect, these agreements confirm to you as a registered user that we will safeguard the information you give to us. Our policy is to not sell our member's information to outside marketing or data-mining companies. We are required however, to make any user aware that we collect pertinent information to allow use of our site.

Thank you for being active participants in our site.

05-25-2018, 07:29 PM

d9gdon

Who gave the European Union authority to set General Data Protection Regulation policy with the an American website?

My membership dues would like to know.

05-25-2018, 07:47 PM

Neil

It's because this site offers services to, and captures personal data from, members in the EU. If an outfit captures personal data of EU citizens, then it is bound by the GDPR. Many organizations are setting a blanket policy because it's easier to implement one global policy than piecemeal around the world. Your membership dues has a choice whether to agree to the policy.
Looks like ACMOC just squeaked within the deadline of 5/25 - good job Bruce :thumb:

05-25-2018, 08:03 PM

old-iron-habit

I have gotten notices about this from a dozen different places in the last few weeks. It tightens the restrictions on the amount of information that can be gathered from me and passed on. Lessening the amount of my information that can be given out is not a bad thing in my book.

05-26-2018, 06:09 AM

d9gdon

Neil, I have a problem with a foreign entity setting internet policy for Americans, not so much with ACMOC. So since I'm American and I don't want to abide by a foreign policy, then I don't get to use the website that I help pay for?

05-26-2018, 06:55 AM

Neil

Don: acknowledged. But you can do something about it if it's important to you.

A key point here is that any organization that wants to collect private data on EU individuals has to abide by EU rules. ACMOC is a U.S.-based club but collects personal data on EU citizens. Similarly (and I'm hoping you'd see that this is the same situation), any organization that wants to collect private data on U.S. individuals has to abide by U.S. privacy rules, regardless of that organization's base country. Turns out that EU rules are pretty much a superset of U.S. rules. To avoid the application of the GPDR rules to ACMOC, the club would need to not allow any EU citizens to sign up and be members (and the club would have to enforce it in order to demonstrate compliance - this would be an expensive undertaking, and likely not seen as a worthwhile use of precious funds by club members). The practical effect of the club's policy is virtually nil on members - the club already has member personal information so essentially all they're doing by complying with the GPDR is agreeing to keep that information safe (there's a bunch of regulations behind the word "safe" but that's the basic intent). That's really no different from complying with U.S. data privacy regulations.

If you feel that it's not where the club should go, you could put forth a motion to the club to disallow EU members - I'd guess it would be an unpopular motion (I wouldn't support it - I like that we have a wide variety of members) and unlikely to succeed but nevertheless you could give it a shot.

05-26-2018, 12:42 PM

B4D2

Neil, you obviously have a firm grip on the GDPR. During our meeting to discuss our compliance strategy, one of our admins came up with the same concern that D9gdon asked. Just how can the European Union impose restrictions on a USA website? You answered the question exactly correct. Our little club website has a global reach and impact. As such, and considering we do have members who reside in the EU (Chapter 2 included) we are bound to abide. Failure to do so can result in massive fines north of a few million. You also are correct that we could have opted out of allowing any IP addresses from Europe to reach our site, but besides annoying many users and members, that would also fly in the face of our Cat license which includes servicing of our EU brethren.

05-26-2018, 01:43 PM

Neil

Hi Bruce,
yes it's a valid question and your admin and Don are both right to question it - we should always be informed about what the club does and why. I think part of the GDPR issue is that it wasn't well-publicized here (being as it's a European ruling) so it's likely caught a number of folks this side of the Atlantic short. But you and the team have met the compliance date so we're in really good shape - thanks for all you do!

I will then expect further special treatment for being in the minority, including a membership discount. I don't expect that you will check my IP address when I claim that status.

05-26-2018, 09:32 PM

jumbo

Overall, it will help with stopping people mining your information and reselling it for nefarious purposes, The EU is more concerned with privacy for the people on the internet that regulators are in the US.